麻豆传媒

Cyber
Cyberattacks and Operational Disruption

Download PDF

Introduction

Cyber risk is an evolving and often misunderstood class of risk. Rapid technological change, the ever-increasing reach and skills of hackers, and the unpredictability and often unexpected cost of cyber events compound the challenges and increase the stakes for cyber risk protection.

There are many varieties of cyberattacks. The most frequent are denial of service (DOS), data breaches, ransomware, theft of proprietary information, theft of financial resources, and disruption of supply chains. The common denominator in each of these is the disruption of operations within the organization. Shortterm losses from ransom settlements and even financial cybertheft can pale in comparison to the long-term costs incurred due to an operational disruption.

Operational Disruption

Business operation disruption, with its inherent loss of productivity and revenue, is always a concern for business leaders. A recent study found that cyberattacks are considered the most likely cause of business disruption for leaders of companies of all sizes.1 The financial costs can be significant.

These costs arise in various areas, and business leaders must identify both the possible and likely scope of potential impacts from an operational disruption in their company.

A recent analysis from Deloitte found that business leaders tend to gravitate toward calculating the more easily quantifiable costs from a cyber incident 鈥 the breach of customer and employee records, for example, along with legal judgments and penalties 鈥 and less on the costs related to more serious impacts, including the disruption of operations. Although these are more difficult to quantify, their cascading impacts represent a more severe threat to the business鈥檚 long-term viability.2

Fortunately, there are models to estimate operational disruption costs and best practice recovery techniques, such as establishing Recovery Time Objectives and incident response plans for critical systems and applications. In combination, these steps enable business leaders to manage cyber risks more completely and plan for a stronger recovery.

Operational Disruption Case Studies

Clorox庐 Company

The consumer-products giant Clorox庐 Company was the victim of a catastrophic cyberattack in Q3 2023, and Q1 2024 results suffered significantly: 鈥淥rder processing delays and significant product outages鈥 dented quarterly sales by 23-28%. That鈥檚 likely well over $500 million in lost revenue.3

Southwest Airlines

A network outage that hit Southwest Airlines in 2016 caused the cancellation or delay of more than 2,000 flights. The price tag was pegged at $82 million in increased costs and lost revenue 鈥 and that doesn鈥檛 consider the public relations impact nightmare and loss of goodwill. Southwest blamed a faulty router, which it says prompted a widespread network system failure.4

Managing Cyber Risk

Do we have an incident response plan (IRP) that addresses cyber events?

  • Have we stress-tested the IRP with a tabletop exercise?
  • Have we identified all critical vendors to assist us with response and recovery?
  • How are we handling communications with clients?

Do we practice proper cyber hygiene?

  • Multi-factor authentication
  • Endpoint detection and response
  • Secure backups
  • Network access controls
  • Patch management
  • Employee cybersecurity training
  • Secure remote access

Do we have good information governance practices?

  • Do we collect and keep information we don鈥檛 need?
  • Do we keep information longer than necessary?
  • Is protected and/or sensitive information encrypted?
  • Do we limit access to information to only those with a need for it?

Have we considered and purchased cyber insurance?

  • Do we have adequate balance sheet protection for extended downtime?

Protecting an Operation From A Supplier鈥檚 Disruption

Most organizations rely on thirdparty technology service providers for critical functions. For example, automated inventory systems and cloud-based collaboration platforms are deeply embedded into business operations. If a company鈥檚 critical service provider is the source of a prolonged attack, this also can substantially disrupt the company鈥檚 operations. Companies should account for this risk in their business impact analyses.

Did you know?
Third parties cause 70% of all operational downtime, meaning companies cannot predict or control outages that may affect them.5

Cyber Insurance

Cyber insurance was introduced more than 25 years ago to address new and emerging risks not contemplated in traditional Property & Casualty policies. While these cyber policies have evolved to address additional risks, at their core, they are like traditional insurance with similar coverage provisions, such as business interruption and property damage. Some of the notable benefits include:

Free or Discounted Loss Prevention Services

  • Confirmation if controls are in line with best practices
  • External scanning to provide proactive notice of vulnerabilities

Risk Transfer

  • Immediate triage resources upon discovery of an event
  • Access to technical investigation experts
  • Forensic accountants + Extra expense reimbursement
  • Fund expenses to re-create data
  • Indemnification for loss of income
  • Contingent business income loss due to a supplier鈥檚 disruption
  • Specialized cyber policies can cover physical damage to property caused by a cyber event

A Final Word

Information and operational technology advances will continue to drive scale and efficiencies, helping companies innovate and differentiate in their markets. Unfortunately, these rapid changes come with risks 鈥 most notably, the potential for operational disruption when they fail or are compromised.

This is the primary reason cyber risk is consistently ranked as an organization鈥檚 top concern. The unknown volatility associated with disruption from a successful cyberattack can lead to substantial financial loss and, in the worst cases, bankruptcy.

Every organization should take a proactive approach to managing and measuring these emerging risks. Cyber insurance is now an essential corporate finance tool to assist with reducing this volatility. After all, cyber insurance is a blend of risk mitigation tools, a financial backstop, an information-sharing medium, and a source of predictive analysis.

Contact
Contributors

Tim Burke
EVP, Head of Cyber | Commercial E&O

William Boeck
EVP, Cyber Product Leader

Angela Thompson
Sr. Marketing Specialist, Market Intelligence & Insights

Brian Leugs
Writer

Sources
  1. Allianz. (2024). Allianz Risk Barometer 2024: Cyber Incidents. Allianz.
    鈫╋笌
  2. Mossburg, E., Gelinne, J., & Calzada, H. (n.d.). Beneath the Surface of a Cyber Attack. Deloitte. 鈫╋笌
  3. Barsky, N. (2023, October 6). Clorox Crisis Shows Cyber Risks鈥 Harsh Business Downside. Forbes. 鈫╋笌
  4. Global Data Vault. (n.d.). Southwest Airlines Avoided $82M Disaster. Global Data Vault. 鈫╋笌
  5. At-Bay. (2023, June 30). Understanding Contingent Business Interruption in Cyber Insurance. At-Bay. 鈫╋笌